The compiled code at the heart of all systems has vulnerabilities that can quickly metastasize through all layers of an environment. Statistically, the largest class of vulnerabilities (40% by a count of CVEs) heavily infect open-source code and web-app frameworks. RunSafe’s Alkemist reduces the risk of exploitation in these software form factors, without developer or operator friction. In this discussion, we’ll show participants how to deploy open source code pre-hardened from this dangerous class of attacks.
Shane Fry is the Director of Security Engineering at RunSafe Security, Inc. He has over a decade of experience in cybersecurity, on both the offensive and defensive sides of the house. Shane began his career performing vulnerability assessments on a variety of software platforms, including Unix/Linux-based operating systems, Mac OS X, Android and iOS devices, internet browsers, and cloud computing platforms. His research has spanned all layers of the hardware and software stack, including physical circuit security, secure boot, software update, memory corruption, and web-application vulnerabilities. Shane brings his deep offensive cybersecurity experience to bear when consulting on secure system design, architecture, and implementation for private industry, contractors, and US Government systems. Outside of RunSafe Security, Shane is involved in the local Huntsville, AL startup scene. He has co-taught a course that describes a framework for determining whether an individual should invest the time, effort, and money into a prospective product or service. In collaboration with Intel/McAfee, Shane participated in an automotive technology hacking competition, where he led a team to first place. His contributions at the competition resulted in being an industry collaborator on a public McAfee report regarding Automotive Security Best Practices.
Register here: https://www.sans.org/webcasts/116205?source=runsafe1